“One-time passcodes, a crucial defense for online banking applications, are being intercepted by a malware program for Android, according to new research from Symantec,” Jeremy Kirk reports for IDG News Service.

“The malware, called Android.Bankosy, has been updated to intercept the codes, which are part of so-called two-factor authentication systems,” Kirk reports. “The malware also ‘has support for disabling and enabling silent mode in addition to locking the device so that the victim is not alerted during an incoming call,'” wrote Dinesh Venkatesan of Symantec in a blog post on Tuesday.”

Kirk reports. “The one-time passcode is used with the victim’s login credentials, which the attackers have presumably already obtained.”

Read more in the full article here.

MacDailyNews Take: Good thing you got two for one, settler. Good thing you’re a cheapskate, too. That’ll serve you well with your newly-emptied bank accounts. (smirk)

[Thanks to MacDailyNews Reader “eldernorm” for the heads up.]